bryan/nixos
0
0
Fork 0
mirror of https://github.com/itme-brain/nixos.git synced 2026-03-24 00:29:43 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

sni-filter

Browse source
This commit is contained in:
Bryan Ramos 2026-03-12 22:39:00 -04:00
parent eaf84e155b
commit 522edac846
1 changed files with 21 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

21
src/system/modules/bitcoin/modules/electrum/default.nix
View file

@ -3,9 +3,11 @@
with lib; with lib;
let let
cfg = config.modules.system.bitcoin.electrum; cfg = config.modules.system.bitcoin.electrum;
nginx = config.modules.system.nginx;
home = "/var/lib/electrs"; home = "/var/lib/electrs";
btc = config.modules.system.bitcoin; btc = config.modules.system.bitcoin;
domain = "ramos.codes";
electrsConfig = pkgs.writeTextFile { electrsConfig = pkgs.writeTextFile {
name = "config.toml"; name = "config.toml";
@ -89,5 +91,24 @@ in
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d ${home} 0750 electrs bitcoin -" "d ${home} 0750 electrs bitcoin -"
]; ];
# Nginx SSL proxy for Electrum protocol (TCP)
networking.firewall.allowedTCPPorts = mkIf nginx.enable [ 50002 ];
services.nginx.streamConfig = mkIf nginx.enable ''
map $ssl_preread_server_name $electrs_backend {
electrum.${domain} 127.0.0.1:50001;
default "";
}
server {
listen 50002 ssl;
ssl_preread on;
proxy_pass $electrs_backend;
ssl_certificate /var/lib/acme/${domain}/fullchain.pem;
ssl_certificate_key /var/lib/acme/${domain}/key.pem;
}
'';
}; };
} }